1. Não consegui habilitar o AVZ guard, dá esse erro: AVZ Guard error: C000036B
2. O Scan na Unidade c não termina nunca, sempre que chega na pasta C:\Users ou C:\Documents and Settings ele não sai delas, parece que as patas vão se duplicando e criando subdiretórios iguais ao infinito.
3. Pra me matar do coração, o log, sem escanear os discos diz que vários arquivos imposrtantes do sistema estão hijackeados:
AVZ Antiviral Toolkit log; AVZ version is 4.34
Scanning started at 17/07/2010 10:57:28
Database loaded: signatures - 275419, NN profile(s) - 2, malware removal microprograms - 56, signature database released 08.07.2010 09:40
Heuristic microprograms loaded: 383
PVS microprograms loaded: 9
Digital signatures of system files loaded: 213048
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: disabled
Windows version is: 6.1.7600, ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Function kernel32.dll:CopyFileA (114) intercepted, method - APICodeHijack.JmpTo[10025B56]
Function kernel32.dll:CopyFileExA (115) intercepted, method - APICodeHijack.JmpTo[10025B16]
Function kernel32.dll:CopyFileExW (116) intercepted, method - APICodeHijack.JmpTo[10025AF6]
Function kernel32.dll:CopyFileW (119) intercepted, method - APICodeHijack.JmpTo[10025B36]
Function kernel32.dll:CreateFileA (138) intercepted, method - APICodeHijack.JmpTo[10025B96]
Function kernel32.dll:CreateFileW (145) intercepted, method - APICodeHijack.JmpTo[10025B76]
Function kernel32.dll:CreateProcessA (166) intercepted, method - APICodeHijack.JmpTo[10025DF6]
Function kernel32.dll:CreateProcessW (170) intercepted, method - APICodeHijack.JmpTo[10025DD6]
Function kernel32.dll

Function kernel32.dll

Function kernel32.dll:GetModuleHandleA (535) intercepted, method - APICodeHijack.JmpTo[100259D6]
Function kernel32.dll:GetModuleHandleW (538) intercepted, method - APICodeHijack.JmpTo[100259B6]
Function kernel32.dll:GetProcAddress (583) intercepted, method - APICodeHijack.JmpTo[10025C36]
Function kernel32.dll:LoadLibraryA (829) intercepted, method - APICodeHijack.JmpTo[10025996]
Function kernel32.dll:LoadLibraryExA (830) intercepted, method - APICodeHijack.JmpTo[10025BF6]
Function kernel32.dll:LoadLibraryExW (831) intercepted, method - APICodeHijack.JmpTo[10025BD6]
Function kernel32.dll:LoadLibraryW (832) intercepted, method - APICodeHijack.JmpTo[10025976]
Function kernel32.dll:LoadModule (833) intercepted, method - APICodeHijack.JmpTo[10025C16]
Function kernel32.dll:MoveFileA (863) intercepted, method - APICodeHijack.JmpTo[10025AD6]
Function kernel32.dll:MoveFileExA (864) intercepted, method - APICodeHijack.JmpTo[10025A96]
Function kernel32.dll:MoveFileExW (865) intercepted, method - APICodeHijack.JmpTo[10025A76]
Function kernel32.dll:MoveFileW (868) intercepted, method - APICodeHijack.JmpTo[10025AB6]
Function kernel32.dll:MoveFileWithProgressA (869) intercepted, method - APICodeHijack.JmpTo[10025A56]
Function kernel32.dll:MoveFileWithProgressW (870) intercepted, method - APICodeHijack.JmpTo[10025A36]
Function kernel32.dll:OpenFile (887) intercepted, method - APICodeHijack.JmpTo[10025BB6]
Function kernel32.dll:WinExec (1299) intercepted, method - APICodeHijack.JmpTo[10025956]
Analysis: ntdll.dll, export table found in section .text
Function ntdll.dll:LdrGetProcedureAddress (130) intercepted, method - APICodeHijack.JmpTo[10025C96]
Function ntdll.dll:LdrLoadDll (137) intercepted, method - APICodeHijack.JmpTo[100234B6]
Function ntdll.dll:LdrUnloadDll (161) intercepted, method - APICodeHijack.JmpTo[1001CFD6]
Function ntdll.dll:NtAdjustPrivilegesToken (190) intercepted, method - APICodeHijack.JmpTo[10027F46]
Function ntdll.dll:NtAllocateVirtualMemory (197) intercepted, method - APICodeHijack.JmpTo[10025D16]
Function ntdll.dll:NtAlpcConnectPort (200) intercepted, method - APICodeHijack.JmpTo[10028966]
Function ntdll.dll:NtClose (228) intercepted, method - APICodeHijack.JmpTo[1001CEB6]
Function ntdll.dll:NtConnectPort (237) intercepted, method - APICodeHijack.JmpTo[1002B496]
Function ntdll.dll:NtCreateFile (244) intercepted, method - APICodeHijack.JmpTo[10025D96]
Function ntdll.dll:NtCreateProcess (257) intercepted, method - APICodeHijack.JmpTo[10025E36]
Function ntdll.dll:NtCreateProcessEx (258) intercepted, method - APICodeHijack.JmpTo[10025E16]
Function ntdll.dll:NtCreateSection (262) intercepted, method - APICodeHijack.JmpTo[1002A316]
Function ntdll.dll:NtCreateSymbolicLinkObject (264) intercepted, method - APICodeHijack.JmpTo[10027B66]
Function ntdll.dll:NtCreateThread (265) intercepted, method - APICodeHijack.JmpTo[1002BC66]
Function ntdll.dll:NtCreateThreadEx (266) intercepted, method - APICodeHijack.JmpTo[100285C6]
Function ntdll.dll:NtDeleteFile (281) intercepted, method - APICodeHijack.JmpTo[10025D56]
Function ntdll.dll:NtFreeVirtualMemory (310) intercepted, method - APICodeHijack.JmpTo[10025C56]
Function ntdll.dll:NtLoadDriver (335) intercepted, method - APICodeHijack.JmpTo[10025CF6]
Function ntdll.dll:NtMakeTemporaryObject (344) intercepted, method - APICodeHijack.JmpTo[1002AE06]
Function ntdll.dll:NtOpenFile (359) intercepted, method - APICodeHijack.JmpTo[10025D76]
Function ntdll.dll:NtOpenSection (374) intercepted, method - APICodeHijack.JmpTo[1002A946]
Function ntdll.dll:NtProtectVirtualMemory (395) intercepted, method - APICodeHijack.JmpTo[10025D36]
Function ntdll.dll:NtSetInformationProcess (513) intercepted, method - APICodeHijack.JmpTo[10025CB6]
Function ntdll.dll:NtSetSystemInformation (530) intercepted, method - APICodeHijack.JmpTo[1002B046]
Function ntdll.dll:NtShutdownSystem (540) intercepted, method - APICodeHijack.JmpTo[100281F6]
Function ntdll.dll:NtSystemDebugControl (548) intercepted, method - APICodeHijack.JmpTo[1002AC06]
Function ntdll.dll:NtTerminateProcess (550) intercepted, method - APICodeHijack.JmpTo[1002B806]
Function ntdll.dll:NtTerminateThread (551) intercepted, method - APICodeHijack.JmpTo[1002BA26]
Function ntdll.dll:NtUnloadDriver (559) intercepted, method - APICodeHijack.JmpTo[10025CD6]
Function ntdll.dll:NtWriteVirtualMemory (598) intercepted, method - APICodeHijack.JmpTo[10025DB6]
Function ntdll.dll:RtlAllocateHeap (645) intercepted, method - APICodeHijack.JmpTo[10025C76]
Function ntdll.dll:ZwAdjustPrivilegesToken (1441) intercepted, method - APICodeHijack.JmpTo[10027F46]
Function ntdll.dll:ZwAllocateVirtualMemory (1448) intercepted, method - APICodeHijack.JmpTo[10025D16]
Function ntdll.dll:ZwAlpcConnectPort (1451) intercepted, method - APICodeHijack.JmpTo[10028966]
Function ntdll.dll:ZwClose (1479) intercepted, method - APICodeHijack.JmpTo[1001CEB6]
Function ntdll.dll:ZwConnectPort (1488) intercepted, method - APICodeHijack.JmpTo[1002B496]
Function ntdll.dll:ZwCreateFile (1495) intercepted, method - APICodeHijack.JmpTo[10025D96]
Function ntdll.dll:ZwCreateProcess (1508) intercepted, method - APICodeHijack.JmpTo[10025E36]
Function ntdll.dll:ZwCreateProcessEx (1509) intercepted, method - APICodeHijack.JmpTo[10025E16]
Function ntdll.dll:ZwCreateSection (1513) intercepted, method - APICodeHijack.JmpTo[1002A316]
Function ntdll.dll:ZwCreateSymbolicLinkObject (1515) intercepted, method - APICodeHijack.JmpTo[10027B66]
Function ntdll.dll:ZwCreateThread (1516) intercepted, method - APICodeHijack.JmpTo[1002BC66]
Function ntdll.dll:ZwCreateThreadEx (1517) intercepted, method - APICodeHijack.JmpTo[100285C6]
Function ntdll.dll:ZwDeleteFile (1531) intercepted, method - APICodeHijack.JmpTo[10025D56]
Function ntdll.dll:ZwFreeVirtualMemory (1560) intercepted, method - APICodeHijack.JmpTo[10025C56]
Function ntdll.dll:ZwLoadDriver (1584) intercepted, method - APICodeHijack.JmpTo[10025CF6]
Function ntdll.dll:ZwMakeTemporaryObject (1593) intercepted, method - APICodeHijack.JmpTo[1002AE06]
Function ntdll.dll:ZwOpenFile (1608) intercepted, method - APICodeHijack.JmpTo[10025D76]
Function ntdll.dll:ZwOpenSection (1623) intercepted, method - APICodeHijack.JmpTo[1002A946]
Function ntdll.dll:ZwProtectVirtualMemory (1644) intercepted, method - APICodeHijack.JmpTo[10025D36]
Function ntdll.dll:ZwSetInformationProcess (1762) intercepted, method - APICodeHijack.JmpTo[10025CB6]
Function ntdll.dll:ZwSetSystemInformation (1779) intercepted, method - APICodeHijack.JmpTo[1002B046]
Function ntdll.dll:ZwShutdownSystem (1789) intercepted, method - APICodeHijack.JmpTo[100281F6]
Function ntdll.dll:ZwSystemDebugControl (1797) intercepted, method - APICodeHijack.JmpTo[1002AC06]
Function ntdll.dll:ZwTerminateProcess (1799) intercepted, method - APICodeHijack.JmpTo[1002B806]
Function ntdll.dll:ZwTerminateThread (1800) intercepted, method - APICodeHijack.JmpTo[1002BA26]
Function ntdll.dll:ZwUnloadDriver (1808) intercepted, method - APICodeHijack.JmpTo[10025CD6]
Function ntdll.dll:ZwWriteVirtualMemory (1847) intercepted, method - APICodeHijack.JmpTo[10025DB6]
Analysis: user32.dll, export table found in section .text
Function user32.dll:BlockInput (1517) intercepted, method - APICodeHijack.JmpTo[100187E6]
Function user32.dll

Function user32.dll

Function user32.dll

Function user32.dll

Function user32.dll:EnableWindow (1725) intercepted, method - APICodeHijack.JmpTo[10018336]
Function user32.dll:EndTask (1730) intercepted, method - APICodeHijack.JmpTo[10027416]
Function user32.dll:ExitWindowsEx (1754) intercepted, method - APICodeHijack.JmpTo[10018126]
Function user32.dll:GetAsyncKeyState (1772) intercepted, method - APICodeHijack.JmpTo[10019386]
Function user32.dll:GetClipboardData (1787) intercepted, method - APICodeHijack.JmpTo[100185D6]
Function user32.dll:GetKeyState (1826) intercepted, method - APICodeHijack.JmpTo[10019636]
Function user32.dll:GetKeyboardState (1831) intercepted, method - APICodeHijack.JmpTo[100198E6]
Function user32.dll:MoveWindow (2052) intercepted, method - APICodeHijack.JmpTo[10018E86]
Function user32.dll:PostMessageA (2078) intercepted, method - APICodeHijack.JmpTo[1001C126]
Function user32.dll:PostMessageW (2079) intercepted, method - APICodeHijack.JmpTo[1001BE86]
Function user32.dll:PostThreadMessageA (2081) intercepted, method - APICodeHijack.JmpTo[1001BBE6]
Function user32.dll:PostThreadMessageW (2082) intercepted, method - APICodeHijack.JmpTo[1001B946]
Function user32.dll:RegisterRawInputDevices (2115) intercepted, method - APICodeHijack.JmpTo[10019166]
Function user32.dll:SendDlgItemMessageA (2139) intercepted, method - APICodeHijack.JmpTo[1001A116]
Function user32.dll:SendDlgItemMessageW (2140) intercepted, method - APICodeHijack.JmpTo[10019E66]
Function user32.dll:SendInput (2143) intercepted, method - APICodeHijack.JmpTo[10019B96]
Function user32.dll:SendMessageA (2144) intercepted, method - APICodeHijack.JmpTo[1001B6A6]
Function user32.dll:SendMessageCallbackA (2145) intercepted, method - APICodeHijack.JmpTo[1001ABC6]
Function user32.dll:SendMessageCallbackW (2146) intercepted, method - APICodeHijack.JmpTo[1001A906]
Function user32.dll:SendMessageTimeoutA (2147) intercepted, method - APICodeHijack.JmpTo[1001B146]
Function user32.dll:SendMessageTimeoutW (2148) intercepted, method - APICodeHijack.JmpTo[1001AE86]
Function user32.dll:SendMessageW (2149) intercepted, method - APICodeHijack.JmpTo[1001B406]
Function user32.dll:SendNotifyMessageA (2150) intercepted, method - APICodeHijack.JmpTo[1001A666]
Function user32.dll:SendNotifyMessageW (2151) intercepted, method - APICodeHijack.JmpTo[1001A3C6]
Function user32.dll:SetClipboardViewer (2160) intercepted, method - APICodeHijack.JmpTo[100189E6]
Function user32.dll:SetParent (2191) intercepted, method - APICodeHijack.JmpTo[10018BE6]
Function user32.dll:SetWinEventHook (2216) intercepted, method - APICodeHijack.JmpTo[1001C3C6]
Function user32.dll:SetWindowsHookExA (2231) intercepted, method - APICodeHijack.JmpTo[1001C926]
Function user32.dll:SetWindowsHookExW (2232) intercepted, method - APICodeHijack.JmpTo[1001C6D6]
Function user32.dll:keybd_event (2329) intercepted, method - APICodeHijack.JmpTo[100247F6]
Function user32.dll:mouse_event (2330) intercepted, method - APICodeHijack.JmpTo[100245E6]
Analysis: advapi32.dll, export table found in section .text
Function advapi32.dll:AddMandatoryAce (1029) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE24B5->7679C334
Function advapi32.dll:CreateProcessAsUserA (1125) intercepted, method - APICodeHijack.JmpTo[1001FF36]
Function advapi32.dll:CreateProcessAsUserW (1126) intercepted, method - APICodeHijack.JmpTo[1001F726]
Function advapi32.dll:I_QueryTagInformation (1361) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2655->770B72D8
Function advapi32.dll:I_ScIsSecurityProcess (1362) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE268C->770B733F
Function advapi32.dll:I_ScPnPGetServiceName (1363) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE26C3->770B7C40
Function advapi32.dll:I_ScQueryServiceConfig (1364) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE26FA->770B5F8A
Function advapi32.dll:I_ScSendPnPMessage (1365) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2732->770B5E7D
Function advapi32.dll:I_ScSendTSMessage (1366) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2766->770B71C5
Function advapi32.dll:I_ScValidatePnPService (1369) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2799->770B6B9D
Function advapi32.dll:IsValidRelativeSecurityDescriptor (1389) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE27D1->7679C5DF
Function advapi32.dll:PerfCreateInstance (1515) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2858->72F42187
Function advapi32.dll:PerfDecrementULongCounterValue (1516) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2871->72F42A1D
Function advapi32.dll:PerfDecrementULongLongCounterValue (1517) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2896->72F42B3C
Function advapi32.dll:PerfDeleteInstance (1519) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE28BF->72F42259
Function advapi32.dll:PerfIncrementULongCounterValue (1522) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE28D8->72F427B9
Function advapi32.dll:PerfIncrementULongLongCounterValue (1523) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE28FD->72F428D6
Function advapi32.dll:PerfQueryInstance (1528) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2926->72F42373
Function advapi32.dll:PerfSetCounterRefValue (1529) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE293E->72F42447
Function advapi32.dll:PerfSetCounterSetInfo (1530) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE295B->72F420B0
Function advapi32.dll:PerfSetULongCounterValue (1531) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2977->72F42565
Function advapi32.dll:PerfSetULongLongCounterValue (1532) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2996->72F42680
Function advapi32.dll:PerfStartProvider (1533) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE29B9->72F41FED
Function advapi32.dll:PerfStartProviderEx (1534) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE29D1->72F41F34
Function advapi32.dll:PerfStopProvider (1535) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE29EB->72F42026
Function advapi32.dll:SystemFunction035 (1753) intercepted, method - ProcAddressHijack.GetProcAddress ->76DE2A3C->73F73EA8
Analysis: ws2_32.dll, export table found in section .text
Function ws2_32.dll:WSASocketA (99) intercepted, method - APICodeHijack.JmpTo[10025856]
Function ws2_32.dll:WSASocketW (100) intercepted, method - APICodeHijack.JmpTo[10025836]
Analysis: wininet.dll, export table found in section .text
Function wininet.dll:InternetConnectA (231) intercepted, method - APICodeHijack.JmpTo[10025896]
Function wininet.dll:InternetConnectW (232) intercepted, method - APICodeHijack.JmpTo[10025876]
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Function urlmon.dll:URLDownloadToCacheFileA (216) intercepted, method - APICodeHijack.JmpTo[100257D6]
Function urlmon.dll:URLDownloadToCacheFileW (217) intercepted, method - APICodeHijack.JmpTo[100257B6]
Function urlmon.dll:URLDownloadToFileA (218) intercepted, method - APICodeHijack.JmpTo[10025816]
Function urlmon.dll:URLDownloadToFileW (219) intercepted, method - APICodeHijack.JmpTo[100257F6]
Analysis: netapi32.dll, export table found in section .text
Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll

Function netapi32.dll:I_BrowserDebugCall (46) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4040->72F124A9
Function netapi32.dll:I_BrowserDebugTrace (47) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC405B->72F12581
Function netapi32.dll:I_BrowserQueryEmulatedDomains (48) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4077->72F129F9
Function netapi32.dll:I_BrowserQueryOtherDomains (49) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC409D->72F122C1
Function netapi32.dll:I_BrowserQueryStatistics (50) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC40C0->72F12651
Function netapi32.dll:I_BrowserResetNetlogonState (51) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC40E1->72F123D1
Function netapi32.dll:I_BrowserResetStatistics (52) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4105->72F12729
Function netapi32.dll:I_BrowserServerEnum (53) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4126->72F120BF
Function netapi32.dll:I_BrowserSetNetlogonState (54) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4142->72F12919
Function netapi32.dll:I_DsUpdateReadOnlyServerDnsRecords (55) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4164->72D55569
Function netapi32.dll:I_NetAccountDeltas (56) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4190->72D563AB
Function netapi32.dll:I_NetAccountSync (57) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC41AC->72D563AB
Function netapi32.dll:I_NetChainSetClientAttributes (59) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC41C6->72D56FA6
Function netapi32.dll:I_NetChainSetClientAttributes2 (58) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC41ED->72D57029
Function netapi32.dll:I_NetDatabaseDeltas (60) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4215->72D56391
Function netapi32.dll:I_NetDatabaseRedo (61) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4232->72D56521
Function netapi32.dll:I_NetDatabaseSync (63) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC424D->72D56391
Function netapi32.dll:I_NetDatabaseSync2 (62) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4268->72D5639E
Function netapi32.dll:I_NetDfsGetVersion (64) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4284->73D97CA1
Function netapi32.dll:I_NetDfsIsThisADomainName (65) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC429E->72ED4E39
Function netapi32.dll:I_NetGetDCList (66) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC42BF->72D55D9C
Function netapi32.dll:I_NetGetForestTrustInformation (67) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC42D7->72D56EF1
Function netapi32.dll:I_NetLogonControl (69) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC42FF->72D563B8
Function netapi32.dll:I_NetLogonControl2 (68) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC431A->72D56439
Function netapi32.dll:I_NetLogonGetDomainInfo (70) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4336->72D464A4
Function netapi32.dll:I_NetLogonSamLogoff (71) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4357->72D56091
Function netapi32.dll:I_NetLogonSamLogon (72) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4374->72D55F39
Function netapi32.dll:I_NetLogonSamLogonEx (73) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4390->72D55FE1
Function netapi32.dll:I_NetLogonSamLogonWithFlags (74) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC43AE->72D4B22A
Function netapi32.dll:I_NetLogonSendToSam (75) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC43D3->72D56111
Function netapi32.dll:I_NetLogonUasLogoff (76) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC43F0->72D55EC9
Function netapi32.dll:I_NetLogonUasLogon (77) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC440D->72D55E53
Function netapi32.dll:I_NetServerAuthenticate (80) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4429->72D56191
Function netapi32.dll:I_NetServerAuthenticate2 (78) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC444A->72D56211
Function netapi32.dll:I_NetServerAuthenticate3 (79) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC446C->72D46393
Function netapi32.dll:I_NetServerGetTrustInfo (81) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC448E->72D56C61
Function netapi32.dll:I_NetServerPasswordGet (82) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC44AF->72D56B61
Function netapi32.dll:I_NetServerPasswordSet (84) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC44CF->72D56291
Function netapi32.dll:I_NetServerPasswordSet2 (83) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC44EF->72D56311
Function netapi32.dll:I_NetServerReqChallenge (85) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4510->72D46424
Function netapi32.dll:I_NetServerSetServiceBits (86) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4531->73D9426D
Function netapi32.dll:I_NetServerSetServiceBitsEx (87) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4552->73D96D11
Function netapi32.dll:I_NetServerTrustPasswordsGet (88) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4575->72D56BE1
Function netapi32.dll:I_NetlogonComputeClientDigest (89) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC459B->72D45C20
Function netapi32.dll:I_NetlogonComputeServerDigest (90) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC45C2->72D56AEC
Function netapi32.dll:NetAddAlternateComputerName (97) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC45E9->73D85B21
Function netapi32.dll:NetAddServiceAccount (98) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC460C->72D570B1
Function netapi32.dll:NetApiBufferAllocate (101) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC462A->73DB1415
Function netapi32.dll:NetApiBufferFree (102) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4648->73DB13D2
Function netapi32.dll:NetApiBufferReallocate (103) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4662->73DB3729
Function netapi32.dll:NetApiBufferSize (104) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4682->73DB3771
Function netapi32.dll:NetBrowserStatisticsGet (108) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC469C->72F12801
Function netapi32.dll:NetConnectionEnum (112) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC46BC->73D95521
Function netapi32.dll:NetDfsAdd (113) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC46D5->72ED78FD
Function netapi32.dll:NetDfsAddFtRoot (114) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC46E6->72ED6859
Function netapi32.dll:NetDfsAddRootTarget (115) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC46FD->72ED7401
Function netapi32.dll:NetDfsAddStdRoot (116) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4718->72ED2B1E
Function netapi32.dll:NetDfsAddStdRootForced (117) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4730->72ED2BB1
Function netapi32.dll:NetDfsEnum (118) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC474E->72ED70F9
Function netapi32.dll:NetDfsGetClientInfo (119) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4760->72ED3F25
Function netapi32.dll:NetDfsGetDcAddress (120) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC477B->72ED2C51
Function netapi32.dll:NetDfsGetFtContainerSecurity (121) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4795->72ED5363
Function netapi32.dll:NetDfsGetInfo (122) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC47B9->72ED2D69
Function netapi32.dll:NetDfsGetSecurity (123) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC47CE->72ED7741
Function netapi32.dll:NetDfsGetStdContainerSecurity (124) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC47E7->72ED3AD5
Function netapi32.dll:NetDfsGetSupportedNamespaceVersion (125) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC480C->72ED5C19
Function netapi32.dll:NetDfsManagerGetConfigInfo (126) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4836->72ED2E9C
Function netapi32.dll:NetDfsManagerInitialize (127) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4858->72ED2F91
Function netapi32.dll:NetDfsManagerSendSiteInfo (128) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4877->72ED72C5
Function netapi32.dll:NetDfsMove (129) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4898->72ED5651
Function netapi32.dll:NetDfsRemove (130) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC48AA->72ED7A19
Function netapi32.dll:NetDfsRemoveFtRoot (131) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC48BE->72ED6A99
Function netapi32.dll:NetDfsRemoveFtRootForced (132) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC48D8->72ED6BE5
Function netapi32.dll:NetDfsRemoveRootTarget (133) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC48F8->72ED5879
Function netapi32.dll:NetDfsRemoveStdRoot (134) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4916->72ED2CE1
Function netapi32.dll:NetDfsRename (135) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4931->72ED2E91
Function netapi32.dll:NetDfsSetClientInfo (136) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4945->72ED4301
Function netapi32.dll:NetDfsSetFtContainerSecurity (137) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4960->72ED53AF
Function netapi32.dll:NetDfsSetInfo (138) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4984->72ED6D8B
Function netapi32.dll:NetDfsSetSecurity (139) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4999->72ED7822
Function netapi32.dll:NetDfsSetStdContainerSecurity (140) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC49B2->72ED3B24
Function netapi32.dll:NetEnumerateComputerNames (141) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC49D7->73D85E39
Function netapi32.dll:NetEnumerateServiceAccounts (142) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC49F8->72D57199
Function netapi32.dll:NetEnumerateTrustedDomains (143) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4A1D->72D5652E
Function netapi32.dll:NetFileClose (147) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4A41->73D95659
Function netapi32.dll:NetFileEnum (148) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4A55->73D95729
Function netapi32.dll:NetFileGetInfo (149) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4A68->73D95859
Function netapi32.dll:NetGetAnyDCName (150) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4A7E->72D5496D
Function netapi32.dll:NetGetDCName (151) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4A97->72D55913
Function netapi32.dll:NetGetDisplayInformationIndex (152) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4AAD->73094117
Function netapi32.dll:NetGetJoinInformation (153) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4AD2->73D82DC7
Function netapi32.dll:NetGetJoinableOUs (154) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4AEF->73D859D1
Function netapi32.dll:NetGroupAdd (155) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B08->730971C3
Function netapi32.dll:NetGroupAddUser (156) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B1B->730973AD
Function netapi32.dll:NetGroupDel (157) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B32->730973CB
Function netapi32.dll:NetGroupDelUser (158) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B45->730973EB
Function netapi32.dll:NetGroupEnum (159) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B5C->73097409
Function netapi32.dll:NetGroupGetInfo (160) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B70->730978C8
Function netapi32.dll:NetGroupGetUsers (161) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B87->73097952
Function netapi32.dll:NetGroupSetInfo (162) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4B9F->73097C02
Function netapi32.dll:NetGroupSetUsers (163) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4BB6->73097DAE
Function netapi32.dll:NetIsServiceAccount (164) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4BCE->72D572D9
Function netapi32.dll:NetJoinDomain (165) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4BEB->73D854B9
Function netapi32.dll:NetLocalGroupAdd (166) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4C00->7309875A
Function netapi32.dll:NetLocalGroupAddMember (167) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4C18->73098886
Function netapi32.dll:NetLocalGroupAddMembers (168) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4C36->73098E99
Function netapi32.dll:NetLocalGroupDel (169) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4C55->730988A4
Function netapi32.dll:NetLocalGroupDelMember (170) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4C6D->73098928
Function netapi32.dll:NetLocalGroupDelMembers (171) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4C8B->73098EBD
Function netapi32.dll:NetLocalGroupEnum (172) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4CAA->73098946
Function netapi32.dll:NetLocalGroupGetInfo (173) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4CC3->73098CE4
Function netapi32.dll:NetLocalGroupGetMembers (174) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4CDF->73092265
Function netapi32.dll:NetLocalGroupSetInfo (175) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4CFE->73098D57
Function netapi32.dll:NetLocalGroupSetMembers (176) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4D1A->73098E75
Function netapi32.dll:NetLogonGetTimeServiceParentDomain (177) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4D39->72D56CE9
Function netapi32.dll:NetLogonSetServiceBits (178) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4D65->72D4603C
Function netapi32.dll:NetProvisionComputerAccount (184) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4D85->72D2F2D3
Function netapi32.dll:NetQueryDisplayInformation (185) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4DA9->73093D87
Function netapi32.dll:NetQueryServiceAccount (186) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4DCB->72D57249
Function netapi32.dll:NetRemoteComputerSupports (188) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4DEB->73DB2160
Function netapi32.dll:NetRemoteTOD (189) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4E0E->73D96C11
Function netapi32.dll:NetRemoveAlternateComputerName (190) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4E22->73D85C29
Function netapi32.dll:NetRemoveServiceAccount (191) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4E48->72D57129
Function netapi32.dll:NetRenameMachineInDomain (192) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4E69->73D85751
Function netapi32.dll:NetRequestOfflineDomainJoin (208) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4E89->72D2B52F
Function netapi32.dll:NetScheduleJobAdd (209) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4EAD->72EC19D1
Function netapi32.dll:NetScheduleJobDel (210) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4EC8->72EC1AC9
Function netapi32.dll:NetScheduleJobEnum (211) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4EE3->72EC1BC1
Function netapi32.dll:NetScheduleJobGetInfo (212) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4EFF->72EC1CE1
Function netapi32.dll:NetServerAliasAdd (213) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4F1E->73D97843
Function netapi32.dll:NetServerAliasDel (214) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4F37->73D97A79
Function netapi32.dll:NetServerAliasEnum (215) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4F50->73D97931
Function netapi32.dll:NetServerComputerNameAdd (216) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4F6A->73D97411
Function netapi32.dll:NetServerComputerNameDel (217) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4F8A->73D976FB
Function netapi32.dll:NetServerDiskEnum (218) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4FAA->73D96559
Function netapi32.dll:NetServerEnum (219) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4FC3->72F12F61
Function netapi32.dll:NetServerEnumEx (220) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4FD9->72F12C5F
Function netapi32.dll:NetServerGetInfo (221) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC4FF1->73D93CFA
Function netapi32.dll:NetServerSetInfo (222) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5009->73D96681
Function netapi32.dll:NetServerTransportAdd (223) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5021->73D96851
Function netapi32.dll:NetServerTransportAddEx (224) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC503E->73D97329
Function netapi32.dll:NetServerTransportDel (225) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC505D->73D96A01
Function netapi32.dll:NetServerTransportEnum (226) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC507A->73D96AD9
Function netapi32.dll:NetSessionDel (231) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5098->73D95941
Function netapi32.dll:NetSessionEnum (232) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC50AD->73D95A11
Function netapi32.dll:NetSessionGetInfo (233) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC50C3->73D95B41
Function netapi32.dll:NetSetPrimaryComputerName (234) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC50DC->73D85D31
Function netapi32.dll:NetShareAdd (235) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC50FD->73D95C81
Function netapi32.dll:NetShareCheck (236) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5110->73D95E91
Function netapi32.dll:NetShareDel (237) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5125->73D95F81
Function netapi32.dll:NetShareDelEx (238) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5138->73D97B61
Function netapi32.dll:NetShareDelSticky (239) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC514D->73D960D1
Function netapi32.dll:NetShareEnum (240) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5166->73D93F91
Function netapi32.dll:NetShareEnumSticky (241) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC517A->73D961C9
Function netapi32.dll:NetShareGetInfo (242) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5194->73D9433F
Function netapi32.dll:NetShareSetInfo (243) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC51AB->73D96341
Function netapi32.dll:NetUnjoinDomain (245) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC51C2->73D85641
Function netapi32.dll:NetUseAdd (247) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC51D9->73D83693
Function netapi32.dll:NetUseDel (248) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC51EA->73D85FA9
Function netapi32.dll:NetUseEnum (249) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC51FB->73D83184
Function netapi32.dll:NetUseGetInfo (250) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC520D->73D86039
Function netapi32.dll:NetUserAdd (251) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5222->7309464F
Function netapi32.dll:NetUserChangePassword (252) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5234->73095A06
Function netapi32.dll:NetUserDel (253) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5251->73094826
Function netapi32.dll:NetUserEnum (254) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5263->730949D6
Function netapi32.dll:NetUserGetGroups (255) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5276->73094E01
Function netapi32.dll:NetUserGetInfo (256) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC528E->73091C60
Function netapi32.dll:NetUserGetLocalGroups (257) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC52A4->73092875
Function netapi32.dll:NetUserModalsGet (258) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC52C1->7309206B
Function netapi32.dll:NetUserModalsSet (259) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC52D9->730954AA
Function netapi32.dll:NetUserSetGroups (260) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC52F1->73095095
Function netapi32.dll:NetUserSetInfo (261) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5309->73094D1D
Function netapi32.dll:NetValidateName (262) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC531F->73D85859
Function netapi32.dll:NetValidatePasswordPolicy (263) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5336->73099967
Function netapi32.dll:NetValidatePasswordPolicyFree (264) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5357->73099B6B
Function netapi32.dll:NetWkstaTransportAdd (267) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC537C->73D84E45
Function netapi32.dll:NetWkstaTransportDel (268) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5398->73D84F21
Function netapi32.dll:NetWkstaTransportEnum (269) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC53B4->73D84CF9
Function netapi32.dll:NetWkstaUserEnum (270) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC53D1->73D84AD1
Function netapi32.dll:NetWkstaUserGetInfo (271) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC53E9->73D83280
Function netapi32.dll:NetWkstaUserSetInfo (272) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5404->73D84C15
Function netapi32.dll:NetapipBufferAllocate (273) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC541F->73DB37AA
Function netapi32.dll:NetpIsRemote (289) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC543E->73DB382D
Function netapi32.dll:NetpwNameCanonicalize (296) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5454->73DB1C30
Function netapi32.dll:NetpwNameCompare (297) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5473->73DB1F2E
Function netapi32.dll:NetpwNameValidate (298) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC548D->73DB1990
Function netapi32.dll:NetpwPathCanonicalize (299) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC54A8->73DB275D
Function netapi32.dll:NetpwPathCompare (300) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC54C7->73DB4086
Function netapi32.dll:NetpwPathType (301) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC54E1->73DB2533
Function netapi32.dll:NlBindingAddServerToCache (302) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC54F8->72D461F8
Function netapi32.dll:NlBindingRemoveServerFromCache (303) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC551B->72D45D67
Function netapi32.dll:NlBindingSetAuthInfo (304) intercepted, method - ProcAddressHijack.GetProcAddress ->73DC5543->72D46198
1.2 Searching for kernel-mode API hooks
Error loading driver - operation interrupted [C000036B]
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
1.5 Checking IRP handlers
Error loading driver - operation interrupted [C000036B]
2. Scanning RAM
Number of processes found: 11
Number of modules loaded: 201
Scanning RAM - complete
3. Scanning disks
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
Latent DLL loading through AppInit_DLLs suspected: "C:\Windows\SysWOW64\guard32.dll"
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: Schedule (Agendador de Tarefas)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: disk drives' autorun is enabled
>> Security: anonymous user access is enabled
Checking - complete
9. Troubleshooting wizard
>> Process termination timeout is out of admissible values
>> Service termination timeout is out of admissible values
>> Timeout of "Not Responding" verdict for processes is out of admissible values
Checking - complete
Files scanned: 212, extracted from archives: 0, malicious software found 0, suspicions - 0
Scanning finished at 17/07/2010 10:57:48
Time of scanning: 00:00:21
If you have a suspicion on presence of viruses or questions on the suspected objects,
you can address http://virusinfo.info conference
Me ajudem, por favor